Cyber Attach Targets Gas Pipeline Companies

Edit 6

Article: Cyber Attack Targets Gas Pipeline Companies (By Suzanne Kelly; CNN.com)

Summary By: Jenn Patterson

  • The Department of Homeland Security’s cybersecurity division, the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has been working with owners and operators in the oil and natural gas industry since March 2012 “to address a series of cyber intrusions targeting natural gas pipeline companies.” The attacks have been highly sophisticated, very target specific, spear-phishing activities. The e-mails received by the targets have been meticulously constructed to appear to have been sent by a “trusted member” of the organization. Some of the hackers have gone so far as to research the company’s employees on social networks to ensure the e-mails appear to be legitimate. Once the target has opened the illegitimate e-mail, the target’s computer is susceptible to having malicious software uploaded or having the company's network monitored. The article states that ICS-CERT has been able to identify the attack, but not the size or scope of the attack; however ICS-CERT will not confirm whether or not they have identified the intent of the attackers. The targeted companies have allowed ICS-CERT to have access to the cyber attack’s data which will allow them to not only monitor the malicious activity but also possibly identify the source and/or the intent of the attacks.
  • There are multiple ways the targeted companies could have prevented the spear-phishing attacks now being investigated by ICS-CERT. The first way to prevent spear phishing attacks is to make sure network computers have the latest and most up to date antivirus and spam filter software installed. This will not guarantee that the e-mail(s) will not get through to the intended target, but it is a start. Secondly, the company’s IT department can create a whitelist, a list of e-mail addresses or domains for which the company’s e-mail blocking software will allow messages to be received from (SecurityExchange.com). The whitelist will create an additional layer of security that may prevent the malware from being downloaded. Finally, a third preventative control companies can use to prevent a spear-phishing attack is to use Web Proxies to stop executable and exploit codes from reaching the target computer’s desktop (DarkReading.com). Although there is not a way to completely prevent spear-phishing attacks, layered security is a company's best defense.
1st article 40/40